Internet plays inseparably an important role in our daily life, and it is predicted that role of Internet increases when internet of thing IoT is really applied to daily life. However, conventional network equipment operates according to a preset rule, and thus it is difficult to manage it and it is inconvenient that every related equipment must be updated or exchanged when new function is added. It seems that the network equipment is weak to various new malicious attacks in security.
Accordingly, a software defined network SDN has been developed to solve the above problem. Unlike the conventional network equipment, a control plane and a data plane are divided in the SDN. As a result, network architecture is simple, the network is flexibly managed, and the network is partially stronger to malicious attacks than the conventional network. However, the SDN does not provide perfect solution in security and it has still weakness in security.
Specially, DDoS attack means an attack in which attackers in distributed arrangement perform simultaneously denial of service attack DoS, and so a system cannot provide normal service. That is, if the DDoS attack is performed between the control plane and the data plane in the SDN, a controller cannot provide normally instruction to a data layer. If massive forged packets are delivered to a switch through the DDoS attack, overload is applied to the SDN, and thus the SDN cannot normally operate.
In recent, many researchers have been studied methods of detecting and reducing the DDoS attack in the SDN. A method of perfectly detecting and protecting the DDoS attack applied to the controller of the SDN has not been developed.